[SERVER-74999] Create configuration file option for custom X.509 extension for cluster membership Created: 17/Mar/23 Updated: 29/Oct/23 Resolved: 03/Apr/23 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 7.0.0-rc0 |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Varun Ravichandran | Assignee: | Sara Golemon |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | auto-reverted | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||||||
| Assigned Teams: |
Server Security
|
||||||||||||||||||||
| Backwards Compatibility: | Minor Change | ||||||||||||||||||||
| Sprint: | Security 2023-04-03, Security 2023-04-17 | ||||||||||||||||||||
| Participants: | |||||||||||||||||||||
| Linked BF Score: | 0 | ||||||||||||||||||||
| Description |
|
Define an X.509 extension that should explicitly be set on certificates when the clusterMembershipExtension configuration option is specified. All connecting clients that provide a certificate with that extension set to the value of clusterMembershipExtension will be treated as peer servers provided that the host server is configured to handle X.509 auth. |
| Comments |
| Comment by Githook User [ 03/Apr/23 ] |
|
Author: {'name': 'Sara Golemon', 'email': 'sara.golemon@mongodb.com', 'username': 'sgolemon'}Message: |
| Comment by xgen-buildbaron-user [ 01/Apr/23 ] |
|
Ticket re-opened due to revert. external_auth began a consistent failure of src/mongo/db/modules/enterprise/jstests/external_auth/ldap_authz_runtime_parameters.js,src/mongo/db/modules/enterprise/jstests/external_auth/ldap_authz_query.js,src/mongo/db/modules/enterprise/jstests/external_auth/ldap_user_mapping.js |
| Comment by Githook User [ 01/Apr/23 ] |
|
Author: {'name': 'auto-revert-processor', 'email': 'dev-prod-dag@mongodb.com', 'username': ''}Message: Revert " This reverts commit 2dcf180fa810ec81054db8249337255495e41647. |
| Comment by Githook User [ 31/Mar/23 ] |
|
Author: {'name': 'Sara Golemon', 'email': 'sara.golemon@mongodb.com', 'username': 'sgolemon'}Message: |